If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

Originally posted here by don The only thing that is sent plaintext is the ascii breakout. That is there so we humans can interpret the machine language. That is the only reason. Think tcpdump usage here --->
tcpdump -nXvs 0 ip and host

in other words, it will give you the same "text" that you have in the text section of the sniffer program that you are using. any binary that can be grouped into 7, but normally 8 bits can be viewed as ascii. tcpdump does not do any translating. it captures in binary and can group the binary digits together into bytes (8bits) words (16bits) or long words (32bits).
each single digit takes up four binary bits
45 00 00 30 00 00 40 00 31 06 F4 E0 CF 2C C4 10 (bytes)
4500 0030 0000 4000 3106 F4E0 CF2C C410 (words)
45000030 00004000 3106F4E0 CF2CC410 (long words)http://www.asciitable.com to see how this is simple mapped onto ascii characters. the disadvantage of viewing this "text" is that alot of characters will not be displayed, or will be displayed like ¡ö or ▐ or ¨€ because they might be special characters, null, ack, line feed. viewing the packet data in hex allows you to see everything.

so in other words tcpdump tranlates the hex into text I can use?

by text you can use, you mean what?

Hmm...theres something a little peculiar here. Oh i see what it is! the sentence is talking about itself! do you see that? what do you mean? sentences can\'t talk! No, but they REFER to things, and this one refers directly-unambigeously-unmistakably-to the very sentence which it is!

Originally posted here by (V)/\&gt;&lt; in other words, it will give you the same "text" that you have in the text section of the sniffer program that you are using. any binary that can be grouped into 7, but normally 8 bits can be viewed as ascii. tcpdump does not do any translating. it captures in binary and can group the binary digits together into bytes (8bits) words (16bits) or long words (32bits).
each single digit takes up four binary bits
45 00 00 30 00 00 40 00 31 06 F4 E0 CF 2C C4 10 (bytes)
4500 0030 0000 4000 3106 F4E0 CF2C C410 (words)
45000030 00004000 3106F4E0 CF2CC410 (long words)http://www.asciitable.com to see how this is simple mapped onto ascii characters. the disadvantage of viewing this "text" is that alot of characters will not be displayed, or will be displayed like ¡ö or ▐ or ¨€ because they might be special characters, null, ack, line feed. viewing the packet data in hex allows you to see everything.

by text you can use, you mean what?

In other words I want to be able to sniff protocol x and then be be able to use protocol x via telnet